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AMHNDMENT TO THE CLAIMS 
Claims 1-9, 12, 14, 16-17, 20, 22-32, 35-36, 44-66 remain in this application. 
Claims 1, 23, 50, 57^ and 62 have been funcndcd. Claims 32, 34, ojid 37-43 have been 
canceled. *No new claims have been added. 

IJstins: of Claims: 

L (Currently Amended) A systems comprising: 

a local area network (TAN) having at least one host device, the at least one host 
device having software to perform anti-virus scamiing; 

a commum cation module to communicate anti-vims protection information for 
the At least one host device to an access module, the anti-vii-us protection information 
including status of anti-vims protection of the at least one host device; and 

the access module coupled to the LAN to maintain a policy regarding anti-virus 
protection for the LAN and manage anti-virus protection scanning performed by the at 
leiist one host device, the access module to exchange anti-virus protection infonnation 
with the at least one host device using the communication module of the at least one host 
devic e, and, and to deny tho at leo^t on e host do\ioe aoo e sa to tho Intern e t if the status of 
the unti'Virus protection of the at least one host device is not compliant with the policy, to 
deny the at least one host device access to the Internet and to bring the anli-viras 
proteclion of the at least one host device into compliance with the policy . 

2. (Original) The system defined in Claim 1 wherein the communication module 
is part of the at least one host device, 

AtloTncy's n<Kkct Nnmbtr; 46I9.P001 2 AppL Scr. No. 09/835.054 

PAGE 6/21 * RCVO AT 10/26/2005 6:02:1 1 PIM [Eastern Daylight Time] ' SVR:USPTO-EFXRF-6/25 ' ONIS:2738300 * CSID:408 720 9397 ' DURATION (mfn-ss):04-3fl 



OC.T-26-2005 WED 01:57 Pti BST8tZ 



FAX NO. 408 720 9397 



P. 



3. (Original) The system defined in Clainr\ 1 wherein the access module sends at 
least one command to the at least one host device via the conununi cation module. 

4. (Original) The system defined in Claim 3 wherein the at Ipast one command 
Coinpriscs> a a^nnnand selected from a group comprising; a command to request status of 
ihc anti-vims protection of the at least on "host device, a command to have the at least one 
hc\st to update Ihc anli-virus protection, a command to uninslall the anti-virus protection, 
and a command to check a specific file or directory, 

5. (Original) The system of claim 1 , wherein a system administi*ator sets a range 
of compliance for the anti-vims protection policy. 

6. (Original) The system of claim 5, wherein the Internet access module denies 
access to the Internet to the at least one host device if not in the range of compliance, 

7. (Original) The system of claim 1, wherein the access module enforces and 
maintains the anti-virus protection policies for more than one host device. 

(Original) The system of claim 7, wherein tlie anti-vims protection policies 
differ between host devices on the LAN. 

9, (Previously Presented) The system of claim 1 , wherein tlic status of the anti- 
vims protection of the host device includes a version number of the anti-virus protection 
software oji the host device, 
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10. 



(Canceled) 



IL (Canceled) 



12. (Previously Presented) 



The system of claim 1 , wherein the status of the 



anti-vims protection of the host device includes a time stamp indicating v^hen the anti- 
virus protection software was last updated on the host device. 

13. (Canceled) 

14. (Oriirinal) The system of claim 1 , wherein the access module initiates an 
update in anil-virus protection for the host-device. 

15. (Cajicclcd) 

16. (Original) 'die system of claim 1, wherein the host device reports a problem 
with a viais to ihc Internet access module. 

1 7. (Previously Presented) The system of claim 1 , wherein the access module 
is one or more of; 

a live firewall, a pro?cy server, a router, or a gateway. 

1 8. (Canceled) 
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19. (Canceled) 

20. (Original) ; The system of claim 1 , wherein the access module is a modem. 

21. (Canceled) 

22. (Original) The system of claim 1 , wherein the accejjs module is an application 
server, 

23. (Cvtrrcnlly Amended) A method, comprising: 

connecting a local area network to an Internet via an Tntcmct access module; 
connecting a host device to the Internet via the local area network; and 
using the Internet access module to enforce a policy for anti-virus protection on 
the host device based on the status of anti-virus protection on the host 
device, wherein the using includes, 

denying the host device access to the Internet if the status of 
the anti-virus protection on the host device is not 
compliant with the policy[[.]] . wherein the denying 
includes^ 

applying a range of compliance for the anti-virus 
protection policy set hy a .sv5;tem 
adminifitraton 

removing the rang e of compliaiice and reauirini; 
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the most currt^nt anti-virus protection 
U]3on notice of a vims alert, 

24. (Previously Presented) Tlic method of claim 23, further comprising 
connecting the host device with the Internet access module via an out of band protocol. 

25. (Previously Prescnte(J) The method of claim 24, further comprisinfi 
communicating a version number of the anti-virus protection on the host dcvico to the 
Internet access module over the out of band protocol. 

26. (Previously Presented) The method of claim 24, further comprising 
communicating a time stamp indicating when the anti-virus protection was l£LSt updated 
on the host device to the Internet access module over the out of band protocol. 

27. (Previously Presented) The method of claim 24, further comprising 
initiating an update in anli-virus protection for the host-'dcvice over the out of band 
protocol. 

28. (Previously Presented) The method of claim 24, further comprising 
encrypting the out of band protocol. 

29. (Previously Presented) The method of claim 23, further comprising 
connecting more than one host device to the local area network. 
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30. (Previously Presented) The method of claim 29, further comprising using 
ihc Internet access module enforces and maintains the anti-virus protection policies for 
more than one host device. 

3 1 . (Previously Presented) The method of claim 30, wherein the anti- virus 
protection policies difi'er between host devices. 

32. (Canceled) 

33. (Canceled) 

34. (Canceled) 

35. (Previously Presented) 'Hie method of claim 23, further comprising the host 
device is checked repeatedly to make sure the anti-virus protection is not disabled. 

36. (Previously Presented) The method of claim 23, further comprising 
reporting a problem with a virus to the Internet access module. 

37. (Canceled) 

38. (Canceled) 

39. (Cnnceled) 
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40. (Canceled) 

41. (Canceled) 

42. (Canceled) 

43. (Canceled) 

44. (Previously Presented) A system, comprising: 

a local area network (LAN) having at least one host device, the at least one host 
device having software to perform anti-virus scanning; 

a communication module to communicate anti-virus protection information for 
the at least one hoyt device to an access module, the anti-virus protection information 
including status of anti-virus protection of the host device; and 

the access module coupled to the LAN to maintain a policy regarding anti-virus 
protection for the LAN and manage anti-virus protection scanning performed by the at 
least one host device, the access module to exchange anti-virus protection information 
with the at least one host device using the communication module of tlie at least host 
device and to deny the at least one host device access to the Internet if the at least one 
host device docs not have anti-virus protection compliant with the policy, wherein 
compliance with the policy is either a range of compliance or the most up to date anti- 
virus protection depending on whether there is currently a virus alert, 
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45. (Previously Prcsentetl) The system of claim 44, whei-ein the access module 
pnfovccs and maintains the anti-virus protection policies for more than one host device; 
and 

wherein the anti-virus protection policies differ between host devices on the LAN, 

46. (Previously Presented) The system of claim 44, wherein the slatus of ihc 
auli-virus protection of the at least one host device includes one or more of a version 
number of tlic anLi-virus protection softwai*e on the host device and a time stamp 
Indicating when the anti-virus protection software was last updated on the host device, 

47. (Previously Presented) The system of claim 44^ wherein the access module 
initiates an up^late in anti-virus protection for the at least one host device. 

48, (Previously Presented) Tlie system of claim 44, wherein the at least one 
host device rcpotts a problem witli a virus to the access module. 

49, (Previously Presented) The system of claim 44, wherein the access module 
is one or more of: 

a live firewalU a proxy server, a router, a modem, a gateway^ or an application 

server, 

50, (Currently Amended) An apparatus comprising; 

an Internet access module to be coupled to connect the Internet and a local area 
network (LAN) including host devices, the Internet access module to receive from the 
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host devices their anti-virus protection status and to deny Internet access to those of Ihe 
host devices whose anti-viruii protection status is not compliant with a corresponding 
anii-virus proleelion poliev an d make available software components necessary to briim 
tho se host devices who^e anti-virus protection status is not comphant into g^mpliance 
with Ihe corresponding anti-virus protection policy . 

5 1 . (Previously Presented) The apparatus of claim 50, wherein the anti-virus 
protection policy includes a range of compliance. 

52. (Previously Presented) The apparatus of claim 50, wherein the anti-virus 
protection policy diiTers between the host devices on the LAN. 

53. (Previously Presented) The system of claim 50, wherein the status of the 
anti-vims protection of at least one of the host devices includes one or more of a version 
number of the anti-vims protection software on that host device and a time stamp 
indicating when the anti-vij'us protection software was last updated on that host device, 

54* (Prcviowly Presented) The system of claim 50> wherein the Internet access 
module initiates on update in anti-virus protection for at least one of the host devices, 

55. (Previously Presented) The system oF claim 50, wherein the Internet access 

module is one or more of: 

a live firewall, u proxy server, a router, a modem, a gateway, or an application 

server. 
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56. (Previously Presented) The system of claim 50, wherein compliaacc with 
Uic anti-virus protection policy is either a range of compliance or the most up to date anti- 
viais protection depending on whether there is currently a virus alert. 

57. (Cun'Cntly Amended) A method comprising: 

enforcing anti-virus protection in a module providing Internet access to a plurality 
of host devices belonging to a local area network by perfonning the 
following for each oFthe plurality of host devices repeatedly, 

receiving status of the anti-virus protection on the host device, 

determining compliance with an anti-virus protection policy 

based on the anti- virus protection statu$, af^ 
denying Internet access to the host device if its anti-viius 

protection status is determined not compliant[[,]li 
and 

providing software components to bring the host devices into 

compliance with the anti-virus protection policv if its anti- 
virus protection status is determined not compliant, 

5S. (Previously Presented) Tlic method of claim 57, wherein the determining 

compliance including determining if the anti-vinis protection status is within a range of 
compliance. 

59. (Previously Presented) The method of claim 57, the performing for each of 
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\hc plurality ofhost devices also includes removing the range of compliance upon notices 
of a virus alert 

60, (Previously Presented) Tlie nicthod of claim 57, wherein status of the anri- 
vinis protection includes one or more of a version number of the anti-virus protection 
softvvare on the host device and when the anti-vims protection software was last updated. 

61 , (Previously Presented) The method of claim 57, wherein the pcrfoi-ming for each 
oflhc pkirality of host devices also includes initiating an update of the anti-virus 
protection on the host device. 

62, (Currently Amended) A machine-readable medium that provides instructions, 
which wlien executed by a machine, cause said machine to perfoiin operation;^ 
comprising: 

enforcing anti-virus protection in a module providing Internet access to a plurality 
of iiost devices belonging to a local area network by performing the 
following for each of the plurality of host devices repeatedly, 

receiving Status of the anti-virus protection on the host device, 

determining compliance with an anti-vims protection policy 

based on the anti-virus protection status, m^i 
denying Internet access to the host device if its anti-viius 

protection status is determined not compHant[[.]Ji 
and 
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provicling software components (o bring the host dcviceit into 

compliance with the anti-virus protection policy if its antU 
virus protection status is determined not cofnTiUanL 

63. (Previously Presented) The machine-readable metlium of claim 62, wherein 
the determining compliance including detemiining if the anti-virus protection status is 
within a range of compliance, 

64. (Previously Presented) The machine-readable medium of claim 62, the 
performing for each of the plurality of host devices also includes removing the range of 
compliance upon notices of a virus alcit, 

65. (Previously Presented) The machine-readable medium of claim 62, wherein 
status of the anti-vims protection includes one or more of a version number of ihc anti- 
virus protection software on the host device and when the anti-virus protection software 
was last updated. 

66. (Previously Presented) The machine-readable medium of claim 62, wherein 
the pcrfonming for each of the pluraUty of host devices also includes initiating an update 
of the anti-vims protection on the host device. 
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